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Amendments to the Claims 

The listing of claims will replace all prior versions, and listings of claims in the 
application. 

1 . (Original) A method comprising: 

allowing a station to have a first connection to a network over a first 

interface; and 

determining that the station is attempting to have a second connection to 
the network over a second interface other than the first interface. 

2. (Currently Amended) The method defined in Claim 1 wherein the 
determining step that th e station is att e mpting to hav e a second conn e ction to the 
n e twork comprises checking memory associated with the station to see if the first and 
second interfaces belong to the station. 

3. (Currently Amended) The method defined in Claim 2 wherein the 
memory comprises a table with locations indicating the first and second interfaces for the 
station. 

4. (Original) The method defined in Claim 3 wherein checking memory 
associated with the station to see if the first and second interfaces belong to the station 
comprises searching the locations in the table to determine if media access control 
(MAC) addresses of the first and second interfaces are listed as belonging to the station. 
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5. (Currently Amended) The method defined in Claim 1 further comprising 
enforcing a security policy if in response to d e termining -that the station is attempting to 
connect to the network over the [[a]] second interface oth e r than th e first int e rfac e. 

6. (Original) The method defined in Claim 5 wherein the security policy 
does not permit connection to the network through multiple interfaces of the same 
station, and wherein enforcing the security policy comprises denying the second 
connection to the network. 

7. (Original) The method defined in Claim 6 wherein denying the second 
connection comprises disabling a MAC address associated with the second interface. 

8. (Original) The method defined in Claim 5 wherein the security policy 
does not permit connection to the network through multiple interfaces of the same 
station, and wherein enforcing the security policy comprises disabling the first 
connection to the network. 

9. (Original) The method defined in Claim 8 wherein disabling the first 
connection comprises removing a MAC address associated with the first interface from a 
list of active stations. 

10. (Original) The method defined in Claim 5 wherein the security policy 
does not permit connection to the network through multiple interfaces of the same 
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station, and wherein enforcing the security policy comprises denying the first and second 
connections to the network. 



1 1 . (Original) The method defined in Claim 10 wherein denying the first 
connection comprises removing a MAC address associated with the first interface from a 
list of active stations and disabling its corresponding entry in the access control list, and 
further wherein denying the second connection comprises disabling a second MAC 
address associated with the second interface from becoming listed in a list of active 
stations. 

12. (Original) The method defined in Claim 5 wherein the security policy 
allows access to the network by the station over multiple interfaces. 

13. (Original) A method comprising: 

reconciling a plurality of interfaces corresponding to a single station when 
the station has access to a network resource through a first of the plurality of interfaces 
and is attempting to gain access to the network resource through a second of the plurality 
of interfaces; and 

enforcing a security policy with respect to the single station in response to 
the single station attempting to have a plurality of interfaces by which to access the 
network resource. 
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14. (Original) A switch for providing access to a network for one or more 
stations, the switch comprising: 

a plurality of ports; 

a controller coupled to the ports to allow a station to have a first 
connection to a network over a first interface and to determine that the station is 
attempting to have a second connection to the network over a second interface other than 
the first interface. 

15. (Currently Amended) The switch defined in Claim 14 wherein the 
controller determines that the station is attempting to have the [[a]] second connection to 
the network by checking memory associated with the station to see if the first and second 
interfaces belong to the station. 

16. (Original) The switch defined in Claim 1 5 further comprising a memory 
coupled to the controller, the memory to store a table with locations indicating interfaces 
for the station. 

17. (Original) The switch defined in Claim 16 wherein the controller checks 
the memory associated with the station to see if the first and second interfaces belong to 
the station by searching the locations in the table to determine if media access control 
(MAC) addresses of the first and second interfaces are listed as belonging to the station. 
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18. (Original) The switch defined in Claim 14 wherein the controller enforces 
a security policy in response to determining that the station is attempting to connect to 
the network over a second interface other than the first interface. 

19. (Original) The switch defined in Claim 18 wherein the security policy 
does not permit connection to the network through multiple interfaces of the same 
station, and wherein the controller enforces the security policy by denying the second 
connection to the network. 

20. (Original) The switch defined in Claim 19 wherein denying the second 
connection comprises disabling a MAC address associated with the second interface. 

21. (Original) The switch defined in Claim 18 wherein the security policy 
does not permit connection to the network through multiple interfaces of the same 
station, and wherein the controller enforces the security policy by disabling the first 
connection to the network. 

22. (Original) The switch defined in Claim 21 wherein the controller denies 
the first connection by removing a MAC address associated with the first interface from 
a list of active stations. 

23. (Original) The switch defined in Claim 1 8 wherein the security policy 
does not permit connection to the network through multiple interfaces of the same 
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station, and wherein the controller enforces the security policy by disabling the first and 
denying the second connections to the network. 

24. (Original) The switch defined in Claim 10 wherein the controller disables 
the first connection by removing a MAC address associated with the first interface from 
a list of active stations and denies the second connection by disabling a second MAC 
address associated with the second interface from becoming listed in a list of active 
stations. 

25. (Original) A method comprising: 

allowing a station to have a set of one or more connections to a network 
over a first set of one or more interfaces; 

determining that the station is attempting to have another connection to 
the network over another interface other than the first set of interfaces; and 

performing an action in response to determining the station is attempting the 
other connection. 



Atty. Dkt. No. 1875.7300004 



